On Thursday, October 14, 2021 the ACAMS New York Chapter hosted a virtual event on Compliance Tech - Optimizing the Rabbit Hole sponsored by Castellum.AI. The event was moderated by Nishi K. Gupta (Head of Compliance at Eco, Inc. and ACAMS New York Chapter Committee Member) and included the following panelists: Jessica Abell, Vice President of Content at Sayari, Peter M Piatetsky, CEO and Co-Founder at Castellum.AI Zach Pegan, V.P. AML transaction surveillance at BlackRock.
The event began with an overview of the nexus between Alice’s Adventures in Wonderland and the technology challenges facing financial crime compliance departments. Specifically, Alice follows the white rabbit into his rabbit hole and free falls (quite slowly and for a long time) into a new and highly strange world. In modern times, the phrase “down the rabbit” hole has come to mean becoming distracted by an overload of information despite beginning with a clear goal. Additionally, there is a connotation of inefficiency and wasted time in the endeavor. In many ways, compliance departments face a similar problem when it comes to incorporating more sophisticated technologies into their processes. Machine learning, natural language processing, and statistical techniques are not native knowledge bases for the traditional compliance department; this is changing, but still not ubiquitous. Additionally, compliance departments typically do not have personnel who are highly technical by training and do not have the time or resources to up train their existing personnel to bring such a technical transformation in-house. Because technology can be the grand equalizer, but moving from design to implementation in internal compliance departments can be difficult, risky, and expensive, the remainder of the webinar was a dialogue amongst the moderator and panelists on concrete steps from thinking about incorporating innovative methods and capabilities into a bank’s or fintech’s existing compliant technology stack to actually executing on those plans.
The panel reviewed that financial crime compliance departments generally include three substantive financial crime areas: (1) Sanctions/OFAC; (2) BSA/AML; and (3) CIP/KYC/EDD. At the highest level, a review in any of these areas seeks to answer the common question of who is the customer and why is he, she, or it engaging in the activity that our process has identified as potentially concerning. To answer this question, financial crime compliance departments have developed processes, imbued with varying levels of technology, to identify, investigate, and report instances of potentially concerning/suspicious activity. In addition, they have developed processes to improve the effectiveness and efficiency of their programs.
The common paradigm for many financial crime compliance programs is to have rule-based systems that generate alerts for BSA investigations, Sanctions/OFAC alerts that must be reviewed and adjudicated, and KYC/EDD processes that require individual reviews based on certain triggering events or risk category classifications. There are then either manual or automated processes to aggregate information about the identified customer to conduct an investigation, a manual review of that aggregated data, and a manual drafting of some kind of investigative document. Finally, on the back end, there are rule tuning processes and reporting capabilities.
Each of the panelists then discussed, in their respective areas, how data quality for both proprietary and third party data sources is foundational to any downstream technical development to improve a financial crime process. In addition, assessing internal risk appetites, thinking ahead of time on rule attributes and model features based on available data, taking the time to vet and understand how more complex rule and model systems function, and clearly documenting in plain language how each process, model, and system works is critical to the success and sustainability of any technical solution. The panelists also provided key insights into regulatory and examination points to consider along the journey as financial crime compliance departments begin to incorporate more advanced technologies into their existing processes.